Tuesday, July 29, 2008

Nagios - different alarm schemes for different systems

Most companies have live and development systems.
Problems on live systems should be made known to the sysadmin immediately.
Problems on development systems should not cause an email to be sent immediately.

Nagios offers possibilities to have different alarming schemes for different hosts.

1. setup a new contact group
2. setup a new generic service
3. setup two hostgroups (one for live servers, one for development systems.)
4. setup services to monitor for each hostgroup.  make use of the earlier defined service.


define contacts:

define contact{
        contact_name                    live-root
        alias                           Root live
        service_notification_period     24x7
        host_notification_period        24x7
        service_notification_options    w,u,c,r
        host_notification_options       d,r
        service_notification_commands   notify-service-by-email
        host_notification_commands      notify-host-by-email
        email                           live-root@localhost
        }

define contact{
        contact_name                    devel-root
        alias                           Root devel
        service_notification_period     24x7
        host_notification_period        24x7
        service_notification_options    w,u,c,r
        host_notification_options       d,r
        service_notification_commands   notify-service-by-email
        host_notification_commands      notify-host-by-email
        email                           devel-root@localhost
        }

define contactgroup

define contactgroup{
        contactgroup_name       live-admins
        alias                   Nagios live Administrators
        members                 live-root
        }

define contactgroup{
        contactgroup_name       devel-admins
        alias                   Nagios devel Administrators
        members                 devel-root
        }


define new generic service

define service{
        name                            live-service
        active_checks_enabled           1
        passive_checks_enabled          1
        parallelize_check               1
        obsess_over_service             1
        check_freshness                 0
        notifications_enabled           1
        event_handler_enabled           1
        flap_detection_enabled          1
        failure_prediction_enabled      1
        process_perf_data               1
        retain_status_information       1
        retain_nonstatus_information    1
                notification_interval           0
                is_volatile                     0
                check_period                    24x7
                normal_check_interval           5
                retry_check_interval            1
                max_check_attempts              4
                notification_period             24x7
                notification_options            w,u,c,r
                contact_groups                  live-admins
        register                        0
        }

define service{
        name                            devel-service
        active_checks_enabled           1
        passive_checks_enabled          1
        parallelize_check               1
        obsess_over_service             1
        check_freshness                 0
        notifications_enabled           1
        event_handler_enabled           1
        flap_detection_enabled          1
        failure_prediction_enabled      1
        process_perf_data               1
        retain_status_information       1
        retain_nonstatus_information    1
                notification_interval           0
                is_volatile                     0
                check_period                    24x7
                normal_check_interval           5
                retry_check_interval            1
                max_check_attempts              4
                notification_period             workhours # defined in timeperiods
                notification_options            w,u,c,r
                contact_groups                  devel-admins
        register                        0
        }

define hostgroups

define hostgroup {
        hostgroup_name  live-servers
                alias           Live Systems
                members         live-server-1
        }

define hostgroup {

        hostgroup_name  devel-servers

                alias           Devel Systems

                members         devel-server-1

        }

define service

define service {
        hostgroup_name                  live-servers
        service_description             PING
        check_command                   check_ping!100.0,20%!500.0,60%
        use                             generic-service
        notification_interval           0 ; set > 0 if you want to be renotified
}

define service {
        hostgroup_name                  devel-servers
        service_description             PING
        check_command                   check_ping!100.0,20%!500.0,60%
        use                             generic-service
        notification_interval           0 ; set > 0 if you want to be renotified
}



puppet and key management

In case that you need to set up a system that has already benn managed by puppet one does need to run some additional steps.
First you need to remove the key from puppetmaster:

puppetca --clean <hostname>

Then you may set up the old system from scratch,.

After puppet startup use the puppetca command on puppet master to look and sign the new key


In case that puppetca --list will not show the new host key you need to run the following steps:

1. remove ssl-keys from puppet client
2. start puppet on client
3. run puppetca --list on puppetmaster.


Saturday, July 26, 2008

puppet automated system configuration

We use puppet for automated system configuration for some time.
The developers are naming puppet the successor of cfengine.
Puppet is written in ruby and supports the following platforms:
- Linux
- OS X
- BSD
- Solaris

I will add some notes of puppet - especially about items that took us some time to find out - in the near future.